Overview

overview

7

Static

static

5

0f3606317e...18.exe

windows7-x64

7

0f3606317e...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0f3606317e68f53684cf6603c666b94e_JaffaCakes118

  • Size

    815KB

  • Sample

    241003-r4mwxa1anj

  • MD5

    0f3606317e68f53684cf6603c666b94e

  • SHA1

    5cc08f35c4615311a06cfcf718ce5326a3b59547

  • SHA256

    d9758b8ad39be9370665f737d3e55d6db2fb1d17cb6f73be91ab5fff0c34831f

  • SHA512

    30d1f85812e56187bd6f959973fbef64f02618feed5b842668026a02f5e7b275954895deb2a909b65c0e4466e97e1b858571daf5a11ca4b4f9d64b700e00ba6c

  • SSDEEP

    12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27QitjNsW:r5sJo6YrFUiyAak11LtjNsW

Score
7/10
discoverypersistenceupx

Malware Config

Targets

    • Target

      0f3606317e68f53684cf6603c666b94e_JaffaCakes118

    • Size

      815KB

    • MD5

      0f3606317e68f53684cf6603c666b94e

    • SHA1

      5cc08f35c4615311a06cfcf718ce5326a3b59547

    • SHA256

      d9758b8ad39be9370665f737d3e55d6db2fb1d17cb6f73be91ab5fff0c34831f

    • SHA512

      30d1f85812e56187bd6f959973fbef64f02618feed5b842668026a02f5e7b275954895deb2a909b65c0e4466e97e1b858571daf5a11ca4b4f9d64b700e00ba6c

    • SSDEEP

      12288:rbpHYUKy5U1bo9t8DMRSW9vbciUiLuAvOxMt11i27QitjNsW:r5sJo6YrFUiyAak11LtjNsW

    Score
    7/10
    discoverypersistenceupx

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks